Top Layer Security, a leading global provider of Network Intrusion Prevention Systems (IPS), today announced new real-time shunning features for fighting botnets and other rate-based attacks, providing organizations with an unparalleled defense-in-depth technique to support the powerful automated attack defense in Top Layer’s IPS 5500 E-Series. The IPS 5500 can quickly reject traffic from IP addresses, temporarily or permanently, that are suspected of originating or being related to an attack - this action is called shunning.

Now available in the Top Layer IPS 5500 E-Series v5.2, the new shunning features offer organizations the ability to interactively identify current attackers and then shun attack-traffic from all associated attackers, providing another layer of defense against the growing threat of malicious botnet attacks. Additionally, a new user interface provides “attack defense” dashboards that allow Security Operation Center personnel to quickly switch between “quiet-time” monitoring and “under siege” incident response.

“With limited skills required for attackers to organize a botnet army of thousands— or even tens of thousands – of compromised machines, and a variety of attack motives such as extortion, political statements, greed, or unethical competitive business practices, the number and variety of botnet-initiated attacks on organizations continue to grow,” said Mike Paquette, chief strategy officer, Top Layer Security. “The new shunning capabilities in our IPS 5500 E-Series provide powerful attack defense and active, detailed incident monitoring, ensuring that as these attacks grow in size, organizations’ network performance and Internet operations will not be compromised.”

The new shunning features for improved defense in the Top Layer IPS 5500 E-Series V5.2 offer the following capabilities:

Attack Source Identification – The “Security Event Viewer” enables users to identify a set of attacker IP addresses associated with blocked and detected attacks.

Malicious IP Address Shunning – Users are able to isolate “events of interest” and automatically shun all IP addresses associated with a particular attack event – or only shun those IP addresses involved with all events. Users can set time periods for how long each address should be shunned, as well as manually unshun addresses that are determined safe.

Attack Defense Dashboards – A new user interface allows Security Operations Center personnel to switch between “quiet-time” monitoring and “under siege” incident response.

Additional Router Protection – Administrators can export a list of IP addresses being shunned so that they can be imported into a router for blocking by the router.

Pricing and Availability

The new shunning features are included as part of IPS 5500 E-Series software v5.2, available immediately. IPS 5500 E-Series customers with current support contracts have access to this new software at no charge. More information is available at www.TopLayer.com.

About the Top Layer IPS 5500

The IPS 5500 family of products is built in the USA and offers the strongest levels of network protection, performance, and reliability on the market today. By combining content-based IPS/IDS, stateful firewall, and attack mitigation algorithms, the IPS 5500 is the only solution that provides Three Dimensional Protection (3DP) against malicious content, undesired access and botnet-based attacks. Top Layer’s architecture enables the IPS 5500 to protect enterprises and service providers from sophisticated attacks in real-time while enabling the highest throughput of legitimate traffic.

The IPS 5500 E-series has received top accolades from the world’s most prestigious labs and influential publications. In addition, Top Layer has received significant recognition from the NSS Group, Computer Reseller News, Information Security Magazine, IT Week, Service Provider Weekly, the Tolly Group and was awarded “Best Buy” status by SC Magazine in their 2007 review of IDS/IPS solutions as well as Best IPS Product of 2007.

About Top Layer Security

Top Layer Security is a leading global provider of Network Intrusion Prevention Systems (IPS) that enables enterprise organizations to protect their critical on-line assets from risks associated with cyber threats. Designed with Three Dimensional Protection, Top Layer’s IPS provides the most advanced protection against attacks at the highest tested performance rates. Top Layer Security is headquartered in Massachusetts, USA with sales and services support worldwide.

All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.

• Altor VF 2.0 Provides Defense-in-Depth Security to Virtualized Environments